diff --git a/README.md b/README.md index dc28725..1a18ab2 100644 --- a/README.md +++ b/README.md @@ -88,7 +88,7 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea C&C Tracker - A feed of known, active and non-sinkholed C&C IP addresses, from Bambenek Consulting. + A feed of known, active and non-sinkholed C&C IP addresses, from Bambenek Consulting. Requires license for commercial use. @@ -189,7 +189,7 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea - DNSTrails + DNS Trails Free intelligence source for current and historical DNS information, WHOIS information, finding other websites associated with certain IPs, subdomain knowledge and technologies. There is a IP and domain intelligence API available as well. @@ -674,14 +674,6 @@ The primary goal of Malpedia is to provide a resource for rapid identification a An open source repository with different Yara signatures that are compiled, classified and kept as up to date as possible. - - - ZeuS Tracker - - - The ZeuS Tracker by abuse.ch tracks ZeuS Command & Control servers (hosts) around the world and provides you a domain- and a IP-blocklist. - - 1st Dual Stack Threat Feed by MrLooquer @@ -766,7 +758,7 @@ Standardized formats for sharing Threat Intelligence (mostly IOCs). VERIS - The Vocabulary for Event Recording and Incident Sharing (VERIS) is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. In addition to providing a structured format, VERIS also collects data from the community to report on breaches in the Verizon Data Breach Investigations Report (DBIR) and publishes this database online at VCDB.org. + The Vocabulary for Event Recording and Incident Sharing (VERIS) is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. In addition to providing a structured format, VERIS also collects data from the community to report on breaches in the Verizon Data Breach Investigations Report (DBIR) and publishes this database online in a GitHub repository.org. @@ -1018,14 +1010,6 @@ Frameworks, platforms and services for collecting, analyzing, creating and shari Scumblr helps you streamline proactive security through an intelligent automation framework to help you identify, track, and resolve security issues faster. - - - Soltra - - - Soltra supports a community defense model that is highly interoperable and extensible. It is built with industry standards supported out of the box, including STIX (up to 2.1) and TAXII. - - STAXX (Anomali) @@ -1138,10 +1122,10 @@ All kinds of tools for parsing, creating and editing Threat Intelligence. Mostly @@ -1733,7 +1717,7 @@ All kinds of reading material about Threat Intelligence. Includes (scientific) r
- ActorTrackr + ActorTrackr - ActorTrackr is an open source web application for storing/searching/linking actor related data. The primary sources are from users and various public repositories. Source available on GitHub. + ActorTrackr is an open source web application for storing/searching/linking actor related data. The primary sources are from users and various public repositories. Source available on GitHub.
- ATT&CK + ATT&CK Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a model and framework for describing the actions an adversary may take while operating within an enterprise network. ATT&CK is a constantly growing common reference for post-access techniques that brings greater awareness of what actions may be seen during a network intrusion. MITRE is actively working on integrating with related construct, such as CAPEC, STIX and MAEC.